From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 72BBBC83F1B for ; Thu, 17 Jul 2025 00:12:29 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id CC4246B009D; Wed, 16 Jul 2025 20:12:28 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id C74886B009E; Wed, 16 Jul 2025 20:12:28 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id B63846B00A1; Wed, 16 Jul 2025 20:12:28 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id A21E46B009D for ; Wed, 16 Jul 2025 20:12:28 -0400 (EDT) Received: from smtpin24.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 2DB6C1DA601 for ; Thu, 17 Jul 2025 00:12:28 +0000 (UTC) X-FDA: 83671829976.24.ED70A60 Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) by imf21.hostedemail.com (Postfix) with ESMTP id 696D41C0009 for ; Thu, 17 Jul 2025 00:12:26 +0000 (UTC) Authentication-Results: imf21.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=d4s8LWQ5; spf=pass (imf21.hostedemail.com: domain of 36T94aAsKCJQy082F92MHB44CC492.0CA96BIL-AA8Jy08.CF4@flex--ackerleytng.bounces.google.com designates 209.85.216.73 as permitted sender) smtp.mailfrom=36T94aAsKCJQy082F92MHB44CC492.0CA96BIL-AA8Jy08.CF4@flex--ackerleytng.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1752711146; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=gk6wLLhT1qqsQx1vsq1Ga7hHjoZDrrbu+Mlqiv/jJEw=; b=7/X+LylfajzOFoXLV9oCHrIg6z9wI6rVcIkTRvtk3cKM8/rcTfwK7ibtdAiiUPNx8buIPb 5jElK5BKfuonwsrAtzjbgOKH1u8KQxs1G5w4/pijfbEPYjrP7tqEI71e6GUj3RnGLjbF5+ cegBjw9vjPpb9BlVv2d04Lg2GXJhNIw= ARC-Authentication-Results: i=1; imf21.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=d4s8LWQ5; spf=pass (imf21.hostedemail.com: domain of 36T94aAsKCJQy082F92MHB44CC492.0CA96BIL-AA8Jy08.CF4@flex--ackerleytng.bounces.google.com designates 209.85.216.73 as permitted sender) smtp.mailfrom=36T94aAsKCJQy082F92MHB44CC492.0CA96BIL-AA8Jy08.CF4@flex--ackerleytng.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1752711146; a=rsa-sha256; cv=none; b=fuVqiAFVqhmnnvcFKrL1ausi8wnaRlT9duT62ZAPxjWUbmmQgZBXyDkdJ8M7JWWfgRU1h7 eZTr2v+51fy4tez1JGyG1rscKGqKmP6jlrwfULXzFCdwQU2fhvr+iQI3N6zzdqQb4VV834 PMqlayx9eGUx/peXTnpz8AWhaZAUGJM= Received: by mail-pj1-f73.google.com with SMTP id 98e67ed59e1d1-313f8835f29so537179a91.3 for ; Wed, 16 Jul 2025 17:12:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1752711145; x=1753315945; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=gk6wLLhT1qqsQx1vsq1Ga7hHjoZDrrbu+Mlqiv/jJEw=; b=d4s8LWQ5xHNQrEuWZc/gGTKpTDMfcvEsE5S+/FglK0bWnDk64SwOVfAkxsYIwvKBqp i7yYxoA7/ibIiU2RYx7U1seN8XtlAbtoY2mq9DJMpkT1KV6uvSPtIL3Yv2hXTRSRE3KB OAQqp0O0djCuVbu5uSdHCiB9Lu3ALfnW6+zZ98XiHhVhHJtqD5u9QPC13GHaEHEuKkpj zSXp6S+2+GgBm8n6bIN2iBo8OykWiNqmXNR39Bdutc7jpKOvE6/t1dpU1raydbgKVZ5S 8azyh7QqUesIfxEiJNjSi3EwJJs5tt8zXKGbnIqip3ATIZhYT1ySJmBf3R1R/r4bo2NB nYgA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1752711145; x=1753315945; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=gk6wLLhT1qqsQx1vsq1Ga7hHjoZDrrbu+Mlqiv/jJEw=; b=c5Kbl3z4v7sGhBiut6WV3z7RcdQTegik531hHkR8KRnDT9hY1Bqlet/BiP3uMg6HRS xplHhFn0ojt92sycXwx/VE6wTc4Z0ElqrsthpmnWeNtTdiAkiv5H2y9yR4vMvD+I2rYZ xl06xb+Ia/MvvJ03ahr14oePW8NXrcQni4VKkfSom/TeMk60JX9oXMOgsM2WWIx0zL7R nckBT3RK7dAitzCa8mPugqMcutWbv789JhajiRud79FFxgmBuuAMXTQb2Are/suHYzW1 sYhet/lgCXkGSmGfp8ijTiyUVPCtk03GG77+N3JXwK92eQsmARecamso3VdNH1UB99gU 9CHw== X-Forwarded-Encrypted: i=1; AJvYcCW99sdfuuvzTDWJ0yHXpcVI57tG/JkMCo5nDLMwfJzS0XgQPb+BcGa/tv9iUGqnGDF/gzP1PdxqoQ==@kvack.org X-Gm-Message-State: AOJu0YxBRftchpNBCp8FiKMyrVRynVH/n1bZQgkDYjjg/iqR0xHrQlNx MWfHkR6mYZyI53/TSBAiL3XGX4eZDjWf3VsQNY0XOajLyJSxfzceH6QqSY14IwqOMav3CMIyHtC yzNglUVXCBrPvbcyuV9YHbWe0Eg== X-Google-Smtp-Source: AGHT+IHYqkhidL9ADNIxka/sw9kZlySMvbshPs2sml34P69NiRa5nonm2zXm4PkWmozfaq0ESGY7q3V4+4cqMYXu2A== X-Received: from pjbsd11.prod.google.com ([2002:a17:90b:514b:b0:311:c5d3:c7d0]) (user=ackerleytng job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:5307:b0:313:db0b:75e4 with SMTP id 98e67ed59e1d1-31c9f48a241mr8160755a91.33.1752711145174; Wed, 16 Jul 2025 17:12:25 -0700 (PDT) Date: Wed, 16 Jul 2025 17:12:23 -0700 In-Reply-To: Mime-Version: 1.0 References: <20250715093350.2584932-1-tabba@google.com> <20250715093350.2584932-5-tabba@google.com> Message-ID: Subject: Re: [PATCH v14 04/21] KVM: x86: Introduce kvm->arch.supports_gmem From: Ackerley Tng To: Xiaoyao Li , Fuad Tabba , kvm@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-mm@kvack.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, roypat@amazon.co.uk, shuah@kernel.org, hch@infradead.org, jgg@nvidia.com, rientjes@google.com, jhubbard@nvidia.com, fvdl@google.com, hughd@google.com, jthoughton@google.com, peterx@redhat.com, pankaj.gupta@amd.com, ira.weiny@intel.com Content-Type: text/plain; charset="UTF-8" X-Stat-Signature: 7gzjofh9fxthtfzbjs7eesttcjwkoqn3 X-Rspamd-Server: rspam01 X-Rspamd-Queue-Id: 696D41C0009 X-Rspam-User: X-HE-Tag: 1752711146-232974 X-HE-Meta: U2FsdGVkX1/Zd2kzTCF2nU6oSC81Yqw35A9BRJ38A3F091VUb4wi2FpIsa3IDxpXcSi8VuEZ1IR66zeBkapqle4oR0DIvDJyk7hoaNlZPqW1phz0XWNcf2SxZInLDPmjBfZh3Nvdq7OqU4EnHsS7DOdEV5G1Rz0kYQFCu1NPJRwnXMqeAHipjddrQaexg8NjwIWNo4bOsjpDXlnX7aYkm9HR3ufomLWCgkPAANaC1WsCauEYaILSDY4N0RDxhsZIn6Szvv9lXLjUmr1Mg6nmBt+H96OZplz0kUlLNJbJR2b2QJu0Dz6MCQRTR/yCDQJp2WKEI+H81q3QKilLap37UbOCpFJmZOtzRPHsv+/iRLDOQlKZtmdzOAMIqMsbQGfzIeGORF1tfaUtUPTvdP6+owXznv8uwiSTqj7II71ihPL+2En4iRYfrlrmAz0cW1uqTMM4V9ltkk2y3T5mvDHkY8j8noGIkqgONwwQYablnr1/s80NkdeGzZG2SpMay5kD3PWtYzRytI2MOfsRo+V7fOxZo5imdqSOHjMEr+j/WhmIzTF2ZturrR6kO4ydmhNqoZAXT0Qcn8ocQuFNRHmIjBTp6GEjCpTUm1Jw6ocHqYEdW+IbVbvJkxzy+OzFJEtxRakitpYMj7MDtPYzAntzEd+gRqEDfUDXsmnm5N9ZWtdq2ZGJ8WiHCr5AAob+7BcJe+ILDUTV62WSITAfHFNLp+Q4oMDG8RDui37R+Dw74mCKy45z2WUUedMTmsp/WTFh2FNaRZMxrf9ONoZOHSxEVC8eD8NMide2TsngStdBKZe7B/hnrPUgdP9zzAKr0h14Sn2Jb3rP0zobl50Iv5qwK5ogA/REaU1HUAdpRBCm1OigwEM3kW61q8JPSRovbDsi44Tp/uno3pST+VZWGY6uq7GI2PNTEgfQ08gl9G2uJKbf0oihrs+THpnQ/5WOWe/adejl2XLKxY2+QKDI9Jw RsqA7WIV rOGwjLFJHmIppC1mxcvapVq1sSMW6NhgAzN6E32u4Ff+1FRfkpviF+1cmFHj1D61DrzKJ7aq42NiOAG0qg+K/CS5YcUX7cONBP8H13MdoWirBeZ0e8nhY2QI+0WLRBnoiKxHesnXfuk0rUymeFZ7oa+ZIaQqYW2xgeV0JjCbIPneW7pyRqwAXcBeO2GDJGIERpIpunnfDu5BzDoJB8sc5JhoznaBTZWOTzMaiiYLfN5u09UywGj2iyQMyILfkVu6mMqHU1ImuTVDv5BzLt31gzb8GuOvDXnyYRci3WA4jDNOFWaZ5psDjcU3KzWG0YqDHypTl1nGJSDkah5q4eGFbSEAxBfMyZihdD4qbDP9Qy8SGvYXzMx+mSbfYfRPAzOh7IsERdMTczuwKe0oW/vpy5fXkYyjobFydRwA2xve64rdwHJ4ZWLLbWaci8gUtt9040i2I9NfvDN4Cw0KdRQTMwU8AWF+DcZqqvapQuq3KmC6/i0oYFeqHk/Zu/iqzg1JLa6L/Vj5RAPRY/lsqYqfi+gvv03t8UXvA8CRdVNJ/K59OGWsjgpHhtvqUeQHCZYSXhsmOv0rP/CHXLwO/TyWuEZvSkHN8UrmgRk7HN9ZnhRTABL67IoP8M0LHQdZHYFDcoS/0BbIqrmZpDsh4jed+TeDVoEvApYQJzxn0y5GpAWHrAL1fxo4bclDKZmc5rFkaZEmMaoDT6vf27eYff0CJNhgwX2bSaVRFmNfxUrdJkc57s5q/JLczFDuP5Q== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Xiaoyao Li writes: > On 7/15/2025 5:33 PM, Fuad Tabba wrote: >> Introduce a new boolean member, supports_gmem, to kvm->arch. >> >> Previously, the has_private_mem boolean within kvm->arch was implicitly >> used to indicate whether guest_memfd was supported for a KVM instance. >> However, with the broader support for guest_memfd, it's not exclusively >> for private or confidential memory. Therefore, it's necessary to >> distinguish between a VM's general guest_memfd capabilities and its >> support for private memory. >> >> This new supports_gmem member will now explicitly indicate guest_memfd >> support for a given VM, allowing has_private_mem to represent only >> support for private memory. >> >> Reviewed-by: Ira Weiny >> Reviewed-by: Gavin Shan >> Reviewed-by: Shivank Garg >> Reviewed-by: Vlastimil Babka >> Co-developed-by: David Hildenbrand >> Signed-off-by: David Hildenbrand >> Signed-off-by: Fuad Tabba > > Reviewed-by: Xiaoyao Li > > Btw, it seems that supports_gmem can be enabled for all the types of VM? > For now, not really, because supports_gmem allows mmap support, and mmap support enables KVM_MEMSLOT_GMEM_ONLY, and KVM_MEMSLOT_GMEM_ONLY will mean that shared faults also get faulted from guest_memfd. A TDX VM that wants to use guest_memfd for private memory and some other backing memory for shared memory (let's call this use case "legacy CoCo VMs") will not work if supports_gmem is just enabled for all types of VMs, because then shared faults will also go to kvm_gmem_get_pfn(). This will be cleaned up when guest_memfd supports conversion (guest_memfd stage 2). There, a TDX VM will have .supports_gmem = true. With guest_memfd stage-2 there will also be a KVM_CAP_DISABLE_LEGACY_PRIVATE_TRACKING. KVM_CAP_DISABLE_LEGACY_PRIVATE_TRACKING defaults to false, so for legacy CoCo VMs, shared faults will go to the other non-guest_memfd memory source that is configured in userspace_addr as before. With guest_memfd stage-2, KVM_MEMSLOT_GMEM_ONLY will direct all EPT faults to kvm_gmem_get_pfn(), but KVM_MEMSLOT_GMEM_ONLY will only be allowed if KVM_CAP_DISABLE_LEGACY_PRIVATE_TRACKING is true. TDX VMs wishing to use guest_memfd as the only source of memory for the guest should set KVM_CAP_DISABLE_LEGACY_PRIVATE_TRACKING to true before creating the guest_memfd. > Even without mmap support, allow all the types of VM to create > guest_memfd seems not something wrong. It's just that the guest_memfd > allocated might not be used, e.g., for KVM_X86_DEFAULT_VM. p